There's another program like this. With own windowlist and additional
features. A bit bigger but perhaps also interesting for you:
http://www.pizzamampf.de/tools/window-hide.htm
Bye
Thomas
Was planning to just write a patch for win nmap but there was a
problem with the sources (no
On Wed, 19 Nov 2003 [EMAIL PROTECTED] wrote:
There is a vulnerability in Apple's Terminal.app for OS X which affects
Apple laptops.
When running from the Terminal (within the Unix shell), the command
sudo normally will not prompt for a password for five minutes after the
password was last
This sounds more like an issue with sudo than terminal. Have you
tested to see if sudo displays the same behaviour on other machines?
Yes, it is an issue with sudo. It occurs when using Terminal. I ran the
text by Apple and they were OK with this description. I understand the
title seems
Application: Kerio Winroute Firewall 5.10
Vendor: Kerio Technologies Inc.
Vendor Site: http://www.kerio.com
Remote: Yes
Exploitable: Yes
Risk level: Critical (if proxy requires authentication)
Authors: Alexander Antipov 3APA3A (aka Pig Killer)
Authors Sites: http://www.securitylab.ru
On Tuesday 18 November 2003 14:18, Jason Ziemba wrote:
I'm not going to claim that my method is fool-proof, but..
If you are using sessions on your site then you should have the ability to
track the movement of a user throughout your system.
If you record the last page the user was on (with
Probably is known, but is not documented:
Vendor: Valve software
Software: hlds, all versions (including steam).
Problem: Information leak, DoS
Author: SYZo[SND]
Problem:
in server configuration, if allowdownload = 1, it's possible to download
any file from directory of the current game
On Mon, 17 Nov 2003, Shawn McMahon wrote:
Daniel Sichel wrote:
Host the DNS and sendmail servers directly on your firewall. The
operating system should be better protected against a wide-range of
exploits.
Implementing two of the most common targets of exploit sort of
eliminates the
On Mon, 17 Nov 2003, Gary E. Miller wrote:
Yo Thomas!
Some ISPs like AOL use ganged proxies/caches. You may get the same session
from different proxies as they round robin.
Overly aggressive web caches are a big problem for web apps.
not to mention that IP's can be spoofed.
Thanks,
Ron
Thanks to all for the good responses which are, to say the least mildly
disturbing. I WAS looking forward to some good night's sleep, but you
folks put paid to that!
snip
They may find a way AROUND it, or
socially engineer their way in, sure. Just not THROUGH it.
snip
Hmmm. Always a disturbing
--On Wednesday, November 19, 2003 12:00 PM -0500
[EMAIL PROTECTED] wrote:
There is a work-around for this vulnerability of course - actually
several.
1. Never use sudo (not particularly practical).
2. Never put your box to sleep after a sudo unless at least 5 minutes
(or whatever your
Basically, version 4.1 failed to actually do HTTP syntax checking making
the HTTP proxy a generic proxy in function. So all the HTTP protocol
violation style attacks weren't blocked at all. Proved it using tools off
packetstorm. Told SCC about it and proved it to them as well. Then
In order for someone to exploit this, wouldn't they need physical
access? And if they had physical access they could simply just boot into
single user mode (enabled by default), or off a cd (enabled by default), or
simply steal the machine.
On 11/19/03 12:27 PM, [EMAIL PROTECTED] [EMAIL
hi,
yes, you gotta have physical access. additionally, it must be in an
environment the user (who owns/operates the machine) trusts that much, that
(s)he leaves the machine _logged in_ *and* put it into sleep mode.
don't think it's a big problem. if you don't trust your environment that
much
A friend contracted this .hta that seems to edit your profile with a link to itself, http://www.talkstocks.net/
attached is the hta file it attempts to run.
It looks to be encoded, which is something I don't know much about but I'm sure
most people on this list will have no problem reading
bryce [EMAIL PROTECTED] wrote:
I'm new to this list, and sorta new to security on a computer. But can
someone tell me what program runs a .hta file??
Sigh. Since no one else seems inclined actually to answer this
question, I'll do it.
In a (pea)nutshell, Microsoft Internet Explorer is the
For all who were interested in reviewing the suspect binaries, I have
posted them on my Web site:
http://www.gilliss.com/greg/bin/awsqyf.zip
http://www.gilliss.com/greg/bin/update1991.zip
The first is 52521 bytes and the second is 51529 bytes. Both executables,
when uncompressed, measure 106496